1. Field of the Invention
The present invention relates to a card payment transaction terminal and system which are so formed that a card payment transaction can be executed by using card information read from an inserted card and a password inputted.
2. Description of the Related Art
Referring to FIG. 7, goods sales data processing unit (POS system) is disposed in, for example, a supermarket or a large-sized domestic electrical appliance store. The unit is so constructed that a plurality of electronic cash registers 10 and a POS controller 40 are connected through a data communication line 1, and that they and a store controller 50 being a host machine are connected through a data communication line (for example, LAN) 2.
The individual electronic cash registers 10 can execute goods registrations for goods purchased by customers, and account transactions for the registered goods. Sales data are gathered by the store controller 50, and are collectively managed therein.
The account transactions by the electronic cash register 10 include card payment as well as payment in cash. In order to deal with the card payment, card payment transaction terminals 30P are provided in a number equal to or smaller than the number of the electronic cash registers 10.
The card payment transaction terminal 30P is a terminal for making an inquiry as to credit. As shown in FIG. 8, the terminal body 30B is formed as a structure in which an upper housing 30U and a lower housing 30D are combined. Besides, the terminal body 30B is constructed including a control unit (a CPU, a ROM, etc.), a data input device 34, a data display device 35, a card reader 37 and a printer 36.
Now, the basic functions of the card payment transaction terminal 30P will be explained with reference to FIG. 9.
First, when a card user or a store clerk inserts a card into the card reader 37 through an insertion guide 37G (YES at ST50 in FIG. 9), the card reader 37 reads card information including the personal data of the card (ST51).
Subsequently, the card user himself/herself inputs his/her personal ID (password) with the data input device 34 (YES at ST52). Further, the card user or the clerk inputs payment information (such as the amount of payment) (YES at ST53). The amount of payment, etc. are displayed on the data display device 35 for the sake of verification.
Besides, the card payment transaction terminal 30P generates inquiry information (ST54), and it inquires of the POS controller 40 through the data communication line 1 shown in FIG. 7. Further, the POS controller 40 inquires of the store controller 50 through the data communication line 2. Finally, the store controller 50 inquires of a host computer (external computer) 70 installed in, e. g., a credit card company, about the card through a data communication line 3 (ST55).
Besides, when the card payment transaction terminal 30P receives an permission response from the external computer 70 (YES at ST56,. YES at ST57), it executes a card payment transaction (ST58). Card payment data are printed on printing paper delivered from a roll of printing paper 100, by the printer 36. The printed paper is handed to the card user. By the way, when the card payment transaction terminal 30P receives a rejection response (YES at ST56, NO at ST57), it executes an error transaction (ST59).
Accordingly, the card payment transaction terminal 30P can execute the complicated card payment quickly and exactly, and such transaction terminals have remarkably spread wide.
With the spread of the terminals, however, the damages of so-called xe2x80x9cskimmingxe2x80x9d being illegal acts in which wrongdoers copy the personal data of cards have become a serious problem.
More specifically, someone (the wrongdoer) having stolen in at midnight will detach the upper housing 30U and lower housing 30D constituting the terminal body 30B, then mount a so-called xe2x80x9cskimmerxe2x80x9d, which is a device having a size approximately equal to that of a cigarette case and capable of copying the personal data, near the card reader 37 built in the terminal body 30B, and thereafter reassemble the terminal body 30B.
When a clerk not knowing the wrongdoing inserts cards into the card reader 37 and makes inquiries on and after the next day (ST51 to ST54 in FIG. 9), the personal data of the cards are accumulated into the skimmer simultaneously with the inquiries. That is, the skimming is done at each well-intentioned use after the mounting of the skimmer.
Thereafter, the wrongdoer will disassemble the terminal body 30B, take out the skimmer and read the personal data copied by the skimmer. Then, a plurality of cards might be forged by the wrongdoer so as to be used illegally. Since the holders of the lawful cards do not notice their damages soon, the skimming is serious.
Meanwhile, in a case where the terminal body 30B is disassembled and reassembled, it is inevitably opened. Therefore, a sealing label 200 on which words xe2x80x9cDON""T OPENxe2x80x9d are printed as shown in FIG. 8 is stuck on the terminal body 30B in order that the clerk et al. may judge the opening of the terminal body 30B, that is, the high likelihood of the mounting of the skimmer.
When the terminal body 30B was disassembled (or opened), the clerk et al. can know the illegal act from the external appearance of the terminal body 30B. In this way, the store side has prevented the skimming from occurring.
However, the methods of illegal acts become craftier and craftier. By way of example, when a substitute label for the sealing label 200 is created and stuck, the store side cannot find out the illegal act. The illegal act in which an insider is involved cannot be seen through at all for the reason that a genuine label is stuck as the sealing label 200.
In this regard, there has been proposed and has come into use a card payment transaction terminal which is so constructed that the opening of the terminal body 30B can be electronically detected, and that, in case of the detection, a card payment transaction program, for example, can be forcibly destroyed by judging the mounting of the skimmer.
By the way, in each of an eating house, a golf course, a gasoline station, etc., the card payment transaction terminal 30P is sometimes used independently out of relation to the electronic cash register 10.
With the program destruction scheme, certainly the skimming and the card forgery can be prevented, but card payment transactions for customers in good faith cannot be handled after the illegal act at which the skimmer was mounted. That is, customer service degrades with the scheme. Besides, the scheme really avoids actual damage to the store or the like because of the prevention of the skimming as well as the card forgery, but it has the fatal problem of failing to take the drastic measure of finding and arresting the wrongdoer and his/her group who mounted the skimmer.
The first objective of the present invention is to provide a card payment transaction terminal which can externally transmit information to the effect that the illegal act of mounting a skimmer was performed. The second objective is to provide a system which can prevent the use of a forged card from occurring and can find a wrongdoer having mounted a skimmer, by using transmission information sent from a card payment transaction terminal.
(1) A card payment transaction terminal of one aspect of the present invention executes a card payment transaction by using card information read from an inserted card and a password inputted to the terminal,
wherein the terminal detects that a terminal body has been opened when the terminal body is opened, and information of an illegal act that has been performed is stored in a memory when the opening of the terminal body is detected, and
wherein transmission information that includes information stored in the memory is transmitted to an external device.
With such a card payment transaction terminal, when the opening of the terminal body has been detected, the performance of the illegal act is judged, and the information to that effect is stored in the memory. Besides, the terminal transmits the transmission information including the information stored in the memory, to the exterior (for example, a card issuing company or a card administering company).
Accordingly, the card payment transaction terminal can execute the card payment transactions of customers in good faith even after the mounting of a skimmer unlike the program destruction mode in the prior art. Therefore, the terminal can keep customer service, and it permits the exterior to know that the illegal act of mounting the skimmer was performed. Also, the terminal facilitates to take the drastic measure of finding and arresting a wrongdoer and his/her group who mounted the skimmer.
(2) The information of the illegal act may be stored as time information including at least one of a date and a time that is abnormal.
With such a card payment transaction terminal, since the information of the illegal act is stored as the time information including the date or time which cannot exist ordinarily, it is possible to easily execute the card payment transactions of customers in good faith, and to reliably discriminate whether or not a card is a forged one, in the exterior, even after the transmission information to the effect of the performance of the illegal act was transmitted to the exterior. Also, with the terminal, it is not noticed by the wrongdoer that the information was transmitted, and the wrongful alteration of the information, etc. by the wrongdoer can be prevented.
(3) The time information may be generated by modifying a standard time of a clock included in the terminal body.
With such a card payment transaction terminal, since the time information which is the information of the illegal act is generated by modifying the standard time of the clock in the terminal body, the wrongdoer cannot meddle with the terminal. Therefore, the terminal can reliably prevent the skimming and is safer.
(4) The clock may return to the standard time when a security card has been installed in a predetermined position within the terminal body.
With such a card payment transaction terminal, the modified time of the clock in the terminal body can be returned to the standard time when the security card has been installed in the predetermined position within the terminal body. Accordingly, the security card can be kept in custody only in, e. g., the factory of the manufacturer of the terminal, so that the terminal is much safer.
(5) The card payment transaction terminal may further comprise a sensor which detects that the terminal body has been opened.
(6) The memory may be a nonvolatile memory.
Information stored in the memory can be transmitted even after the reassembly of the terminal body. Accordingly, the terminal can transmit the information to the effect of the performance of illegal acts, to the exterior anytime and repeatedly.
(7) A card payment transaction system of a second aspect of the present invention transmits to an external computer, information of card payment transaction using card information read from an inserted card by a card payment transaction terminal and a password inputted to the terminal, and executes a card payment transaction after a permission of the external computer has been obtained,
wherein the card payment transaction terminal is formed so that:
the terminal detects that a terminal body has been opened when the terminal body is opened, and information of an illegal act that has been performed is stored in a memory when the opening of the terminal body is detected; and
transmission information that includes information stored in the memory is transmitted to an external device, and
wherein the external computer is formed so that:
the transmission information received from the card payment transaction terminal is stored in a transmission information table, and thereafter the card information which relates to the card payment transaction information received from the card payment transaction terminal is stored in a handled card information table in relation to the transmission information stored in the transmission information table; and
in a case where an inquiry about the card payment transaction information which includes the card information that is same as a handled card information stored in the handled card information table has been received from the card payment transaction terminal, an inquired card payment transaction is permitted when the number of times of the inquiry is equal to or less than a preset number of times, and the inquired card payment transaction is rejected when the number of times of the inquiry exceeds the preset number of times.
With such a card payment transaction system, when the opening of the terminal body has been detected, the card payment transaction terminal judges the likelihood of the mounting of a skimmer and stores the information of the illegal act in the memory. Besides, the terminal transmits the transmission information including the information stored in the memory, to the external computer. Thus, the transmission of the terminal is not noticed even in a case where the insider of a store for which the system is installed coexists as one member of the group of wrongdoers.
Besides, upon receiving the transmission information from the card payment transaction terminal, the external computer stores this transmission information in the transmission information table. In the case where the external computer has received the card payment transaction information from the card payment transaction terminal after having stored the transmission information, it stores the card information concerning the received card payment transaction information, in the handled card information table in relation to the transmission information stored in the transmission information table.
In the case where the external computer has received from the card payment transaction terminal, the inquiry about the card payment transaction information which includes the same card information as the handled card information stored in the handled card information table, it permits the card payment transaction when the number of times of inquiries is equal to or smaller than the preset number of times, and it rejects the card payment transaction when the number of times of inquiries exceeds the preset number of times.
Accordingly, the system can prevent the use of a forged card from occurring and can find a wrongdoer having mounted a skimmer, by using the transmission information sent from the card payment transaction terminal. More specifically, the system can execute the card payment transactions of customers in good faith even after the mounting of the skimmer unlike the program destruction mode in the prior art, so that it can keep customer service. Besides, the system permits the external computer side to know that the illegal act of mounting of the skimmer was performed. Also, the system is easy of taking the drastic measure of finding and arresting the wrongdoer and his/her group who mounted the skimmer. Moreover, according to the system, when the preset number of times is set at xe2x80x9cone timexe2x80x9d by way of example, only one time of card use by a customer in good faith is permitted after the mounting of the skimmer, and the uses of the same card at the second time, et seq. can be readily discriminated as the illegal uses of the forged card. Further, when the preset number of times is set at xe2x80x9c3 timesxe2x80x9d by way of example, the system can be operated so as to permit 3 times of card uses in good faith a day for a regular customer, and the applicability thereof can be expanded more.
Incidentally, as an aspect concerning the detection of the opening of the card payment transaction terminal body, in a case where the terminal body is constructed by combining the two housings of an upper housing and a lower housing by way of example, the card payment transaction system of the present invention may well be formed so as to be capable of detecting it as the opening of the terminal body that the wrongdoer disassembled the terminal body into the upper housing and the lower housing.
(8) The external computer may output the handled card information stored in the handled card information table.
With such a card payment transaction system, since the external computer can output the handled card information stored in the handled card information table (as, for example, a display output or/and a print output), the deduction of the forged card is facilitated.
(9) The external computer may output the transmission information stored in the transmission information table.
With such a card payment transaction system, since the external computer can output the transmission information stored in the transmission information table (as, for example, a display output or/and a print output), the likelihood of the use of the forged card can be supposed before the illegal use thereof.
(10) The memory of the card payment transaction terminal, and the transmission information table and the handled card information table of the external computer may be nonvolatile memories.
With such a card payment transaction system, since the information stored in the memory of the card payment transaction terminal can be transmitted even after the reassembly of the terminal body, the terminal can transmit the information to the effect of the performance of illegal acts, to the exterior anytime or repeatedly. Further, the external computer can accept the transmission information anytime or repeatedly. Accordingly, the system can sense the illegal use of the forged card.